Microcontrollers, microprocessors, and other integrated circuits (ICs) often can employ critical security parameters (CSPs), such as cryptographic keys, authentication data, or other sensitive data which can be utilized to provide additional security or other functionality. The disclosure or modification of these CSPs can compromise this functionality.
CSPs are often delivered to the IC in a secure manufacturing or provisioning environment. This can raise issues regarding the security of the CSPs. For example a manufacturer could potentially circumvent these secure procedures, failing to install a CSP or installing an incorrect, repeating, changed, prohibited, etc. CSP by mistake, or as a result of a malicious action. CSP self-generation by the IC, and manual or automatic delivery of the CSP to secure storage outside the device in a secure manner, can help avoid some of these issues, but a CSP may still be compromised through a debug interface that can allow a party to intercept the key or meddle with it through the device debug interface. All of these methods apply to both symmetric and asymmetric keys.